this post was submitted on 14 Oct 2023
677 points (98.7% liked)

Privacy

31931 readers
938 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

cross-posted from: https://lemmy.ml/post/6469594

How to contact your MEP.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 137 points 1 year ago (10 children)

I have helped a little with some ongoing research on the subject of client-side-scanning in a European research center. Only some low level stuff, but I possess a solid background in IT security and I can explain a little what the proposition made to the EU is. I am by no means condemning what is proposed here.I myself based on what experts have explained am against the whole idea because of the slippery slope it creates for authoritarian government and how easily it can be abused.

The idea is to use perceptual hashing to create a local or remote database of known abuse material (Basically creating an approximation of already known CP content and hashing it) and then comparing all images accessible to the messaging app against this database by using the same perceptual hashing process on them.

It's called Client-Side-Scanning because of the fact that it's simply circumventing the encryption process. Circumvention in this case means that the process happens outside of the communication protocol, either before or after the images, media, etc, are sent. It does not matter that you use end-to-end encryption if the scanning is happening on you data at rest on your device and not in transit. In this sense it wouldn't directly have an adverse effect on end-to-end encryption.

Some of the most obvious issues with this idea, outside of the blatant privacy violation are:

  1. Performance: how big is the database going to get? Do we ever stop including stuff?
  2. Ethical: Who is responsible for including hashes in the database? Once a hash is in there it's probably impossible to tell what it represent, this can obviously be abused by unscrupulous governments.
  3. Personal: There is heavy social stigma associated with CP and child abuse. Because of how they work, perceptual hashes are going to create false positives. How are these false positives going to be addressed by the authorities? Because when the police come knocking on your door looking for CP, your neighbors might not care or understand that it was a false positive.
  4. False positives: the false positive rate for single hashes is going to stay roughly the same but the bigger the database gets the more false positive there is going to be. This will quickly lead to problems managing false positive.
  5. Authorities: Local Authorities are generally stretcht thin and have limited resources. Who is going to deal with the influx of reports coming from this system?
[–] [email protected] 3 points 1 year ago* (last edited 1 year ago) (2 children)

Thanks for the explanation. Do you know how they’re planning to implement this client side scanning? Take an iPhone for example— where Apple has already ditched their plans to do the same device-wide. Is it planned for WhatsApp, Signal etc. to be updated to force perpetual scanning of the iPhone’s photo album? Because that can be turned off quite easily at the OS level.

The only way I could see them doing it is by scanning any image that is selectively chosen to be sent before the actual message itself is sent—i.e. after it’s selected but before the send button is pressed. Otherwise it’s breaking the E2E encryption.

Is that the plan?

[–] [email protected] 5 points 1 year ago (1 children)

Client-Side-Scanning is going to be implemented by the messaging app vendor. This means that it's limited by OS or Browser sandboxing . Therefore it's definitely limited to what the messaging app has access to. However, I'm not sure what the actual scope would be, meaning if all accessible images are going to be scanned or only the one being transmitted to someone.

[–] [email protected] 4 points 1 year ago

What stops you from using a free software client that verifiably doesn't do so? The mainstream messengers were not safe already anyway.

load more comments (7 replies)